CVE-2009-4724

PaymentProcessorScript.net - SQL Injection

Title source: llm

Description

SQL injection vulnerability in shop.htm in PaymentProcessorScript.net PPScript allows remote attackers to execute arbitrary SQL commands via the cid parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED

by MizoZ · textwebappsphp

https://www.exploit-db.com/exploits/34493

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by ZoRLu · textwebappsphp

https://www.exploit-db.com/exploits/9351

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/9351

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/36100

Scores

EPSS 0.0029

EPSS Percentile 52.6%

Details

CWE

CWE-89

Status published

Products (1)

paymentprocessorscript/ppscript

Published Mar 18, 2010

Tracked Since Feb 18, 2026